k 5.1 crashes when executing this:
$var(test_uri) = "tel:+358447058060"; xlog("L_INFO", "****** extracting domain from <$var(test_uri)>\n"); $rd = $(var(test_uri){uri.host}); xlog("L_INFO", "****** request uri is <$ru>\n");
Apr 7 15:15:17 lohi /usr/bin/sip-proxy[14477]: INFO: ****** extracting domain from tel:+358447058060 Apr 7 15:15:17 lohi kernel: [63113.914477] sip-proxy[14477]: segfault at 7c0410 ip 00007f9d268703e0 sp 00007ffe1d5bcd20 error 7 in pv.so[7f9d2680a000+9e000] Apr 7 15:15:17 lohi /usr/bin/sip-proxy[14503]: CRITICAL: <core> [core/pass_fd.c:277]: receive_fd(): EOF on 38
bt is below.
-- juha
-----------------------------------------------------------------
(gdb) bt #0 0x00007f9d268703e0 in pv_set_ruri_host (msg=0x7f9d33607090, param=0x7f9d32ca42c0, op=254, val=0x7ffe1d5bcfc0) at pv_core.c:2243 #1 0x00000000005964dc in lval_pvar_assign (h=0x7ffe1d5bd770, msg=0x7f9d33607090, lv=0x7f9d32ca4240, rv=0x7f9d32ca4918) at core/lvalue.c:351 #2 0x0000000000596eed in lval_assign (h=0x7ffe1d5bd770, msg=0x7f9d33607090, lv=0x7f9d32ca4240, rve=0x7f9d32ca4910) at core/lvalue.c:399 #3 0x00000000004807c4 in do_action (h=0x7ffe1d5bd770, a=0x7f9d32ca44e0, msg=0x7f9d33607090) at core/action.c:1430 #4 0x000000000048224e in run_actions (h=0x7ffe1d5bd770, a=0x7f9d32ca3170, msg=0x7f9d33607090) at core/action.c:1552 #5 0x0000000000482a11 in run_top_route (a=0x7f9d32ca3170, msg=0x7f9d33607090, c=0x0) at core/action.c:1641 #6 0x000000000059a3e0 in receive_msg ( buf=0x1242930 "SUBSCRIBE sip:127.0.0.1:5080;transport=tcp SIP/2.0\r\nVia: SIP/2.0/TCP 192.168.43.192:35987;branch=z9hG4bK60fe34942bb48c45;rport\r\nContact: <sip:test@test.tutpro.com;gr=urn:uuid:47759291-c9db-4eb3-a540-5"..., len=945, rcv_info=0x7f9d28a2b5d8) at core/receive.c:263 #7 0x0000000000624f83 in receive_tcp_msg ( tcpbuf=0x7f9d28a2b8b0 "SUBSCRIBE sip:127.0.0.1:5080;transport=tcp SIP/2.0\r\nVia: SIP/2.0/TCP 192.168.43.192:35987;branch=z9hG4bK60fe34942bb48c45;rport\r\nContact: <sip:test@test.tutpro.com;gr=urn:uuid:47759291-c9db-4eb3-a540-5"..., len=945, rcv_info=0x7f9d28a2b5d8, con=0x7f9d28a2b5c0) at core/tcp_read.c:1277 #8 0x0000000000626fa3 in tcp_read_req (con=0x7f9d28a2b5c0, bytes_read=0x7ffe1d5bdc68, read_flags=0x7ffe1d5bdc6c) at core/tcp_read.c:1445 #9 0x0000000000629c26 in handle_io (fm=0x7f9d3366cb38, events=1, idx=-1) at core/tcp_read.c:1619 #10 0x000000000061bcce in io_wait_loop_epoll (h=0xa9a900 <io_w>, t=2, repeat=0) at core/io_wait.h:1065 #11 0x000000000062baad in tcp_receive_loop (unix_sock=41) at core/tcp_read.c:1789 #12 0x0000000000502498 in tcp_init_children () at core/tcp_main.c:4816 #13 0x0000000000424b9f in main_loop () at main.c:1708 #14 0x000000000042b2e9 in main (argc=17, argv=0x7ffe1d5be308) at main.c:2639 (gdb)
Is it latest master? The line is matching an LM_ERR() with only static string.
You should list the code, in gdb:
frame 0
list
Cheers, Daniel
On 07.04.17 14:20, Juha Heinanen wrote:
k 5.1 crashes when executing this:
$var(test_uri) = "tel:+358447058060"; xlog("L_INFO", "****** extracting domain from <$var(test_uri)>\n"); $rd = $(var(test_uri){uri.host}); xlog("L_INFO", "****** request uri is <$ru>\n");Apr 7 15:15:17 lohi /usr/bin/sip-proxy[14477]: INFO: ****** extracting domain from tel:+358447058060 Apr 7 15:15:17 lohi kernel: [63113.914477] sip-proxy[14477]: segfault at 7c0410 ip 00007f9d268703e0 sp 00007ffe1d5bcd20 error 7 in pv.so[7f9d2680a000+9e000] Apr 7 15:15:17 lohi /usr/bin/sip-proxy[14503]: CRITICAL: <core> [core/pass_fd.c:277]: receive_fd(): EOF on 38
bt is below.
-- juha
(gdb) bt #0 0x00007f9d268703e0 in pv_set_ruri_host (msg=0x7f9d33607090, param=0x7f9d32ca42c0, op=254, val=0x7ffe1d5bcfc0) at pv_core.c:2243 #1 0x00000000005964dc in lval_pvar_assign (h=0x7ffe1d5bd770, msg=0x7f9d33607090, lv=0x7f9d32ca4240, rv=0x7f9d32ca4918) at core/lvalue.c:351 #2 0x0000000000596eed in lval_assign (h=0x7ffe1d5bd770, msg=0x7f9d33607090, lv=0x7f9d32ca4240, rve=0x7f9d32ca4910) at core/lvalue.c:399 #3 0x00000000004807c4 in do_action (h=0x7ffe1d5bd770, a=0x7f9d32ca44e0, msg=0x7f9d33607090) at core/action.c:1430 #4 0x000000000048224e in run_actions (h=0x7ffe1d5bd770, a=0x7f9d32ca3170, msg=0x7f9d33607090) at core/action.c:1552 #5 0x0000000000482a11 in run_top_route (a=0x7f9d32ca3170, msg=0x7f9d33607090, c=0x0) at core/action.c:1641 #6 0x000000000059a3e0 in receive_msg ( buf=0x1242930 "SUBSCRIBE sip:127.0.0.1:5080;transport=tcp SIP/2.0\r\nVia: SIP/2.0/TCP 192.168.43.192:35987;branch=z9hG4bK60fe34942bb48c45;rport\r\nContact: <sip:test@test.tutpro.com;gr=urn:uuid:47759291-c9db-4eb3-a540-5"..., len=945, rcv_info=0x7f9d28a2b5d8) at core/receive.c:263 #7 0x0000000000624f83 in receive_tcp_msg ( tcpbuf=0x7f9d28a2b8b0 "SUBSCRIBE sip:127.0.0.1:5080;transport=tcp SIP/2.0\r\nVia: SIP/2.0/TCP 192.168.43.192:35987;branch=z9hG4bK60fe34942bb48c45;rport\r\nContact: <sip:test@test.tutpro.com;gr=urn:uuid:47759291-c9db-4eb3-a540-5"..., len=945, rcv_info=0x7f9d28a2b5d8, con=0x7f9d28a2b5c0) at core/tcp_read.c:1277 #8 0x0000000000626fa3 in tcp_read_req (con=0x7f9d28a2b5c0, bytes_read=0x7ffe1d5bdc68, read_flags=0x7ffe1d5bdc6c) at core/tcp_read.c:1445 #9 0x0000000000629c26 in handle_io (fm=0x7f9d3366cb38, events=1, idx=-1) at core/tcp_read.c:1619 #10 0x000000000061bcce in io_wait_loop_epoll (h=0xa9a900 <io_w>, t=2, repeat=0) at core/io_wait.h:1065 #11 0x000000000062baad in tcp_receive_loop (unix_sock=41) at core/tcp_read.c:1789 #12 0x0000000000502498 in tcp_init_children () at core/tcp_main.c:4816 #13 0x0000000000424b9f in main_loop () at main.c:1708 #14 0x000000000042b2e9 in main (argc=17, argv=0x7ffe1d5be308) at main.c:2639 (gdb)
sr-dev mailing list sr-dev@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
Daniel-Constantin Mierla writes:
Is it latest master? The line is matching an LM_ERR() with only static string.
master as it was on april 3.
You should list the code, in gdb:
frame 0
list
Program terminated with signal SIGSEGV, Segmentation fault. #0 0x00007f9d268703e0 in pv_set_ruri_host (msg=0x7f9d33607090, param=0x7f9d32ca42c0, op=254, val=0x7ffe1d5bcfc0) at pv_core.c:2243 2243 pv_core.c: No such file or directory. (gdb) frame 0 #0 0x00007f9d268703e0 in pv_set_ruri_host (msg=0x7f9d33607090, param=0x7f9d32ca42c0, op=254, val=0x7ffe1d5bcfc0) at pv_core.c:2243 2243 in pv_core.c (gdb) list 2238 in pv_core.c
-- juha
What OS do you have and which version of gdb? The list command should list the code around the line where the crash happens, but it doesn't do it for you.
Anyhow, you can extract the code around src/modules/pv/pv_core.c:2243 and send it here, to be sure it is the one you use at the time of crash.
Daniel
On 07.04.17 14:40, Juha Heinanen wrote:
Daniel-Constantin Mierla writes:
Is it latest master? The line is matching an LM_ERR() with only static string.
master as it was on april 3.
You should list the code, in gdb:
frame 0
list
Program terminated with signal SIGSEGV, Segmentation fault. #0 0x00007f9d268703e0 in pv_set_ruri_host (msg=0x7f9d33607090, param=0x7f9d32ca42c0, op=254, val=0x7ffe1d5bcfc0) at pv_core.c:2243 2243 pv_core.c: No such file or directory. (gdb) frame 0 #0 0x00007f9d268703e0 in pv_set_ruri_host (msg=0x7f9d33607090, param=0x7f9d32ca42c0, op=254, val=0x7ffe1d5bcfc0) at pv_core.c:2243 2243 in pv_core.c (gdb) list 2238 in pv_core.c
-- juha
Daniel-Constantin Mierla writes:
What OS do you have and which version of gdb? The list command should list the code around the line where the crash happens, but it doesn't do it for you.
this is debian jessie with GNU gdb (Debian 7.7.1+dfsg-5) 7.7.1.
Anyhow, you can extract the code around src/modules/pv/pv_core.c:2243 and send it here, to be sure it is the one you use at the time of crash.
i built new deb from latest master and re-run the crash. gdb tells:
2238 pv_core.c: No such file or directory. (gdb) wher #0 0x00007f35327933e0 in pv_set_ruri_host (msg=0x7f353f529dc0, param=0x7f353ebc8400, op=254, val=0x7fff67072c60) at pv_core.c:2238 #1 0x00000000005964dc in lval_pvar_assign (h=0x7fff67073410, msg=0x7f353f529dc0, lv=0x7f353ebc8380, rv=0x7f353ebc8a58) at core/lvalue.c:351 #2 0x0000000000596eed in lval_assign (h=0x7fff67073410, msg=0x7f353f529dc0, lv=0x7f353ebc8380, rve=0x7f353ebc8a50) at core/lvalue.c:399 ...
(gdb) frame 0 #0 0x00007f35327933e0 in pv_set_ruri_host (msg=0x7f353f529dc0, param=0x7f353ebc8400, op=254, val=0x7fff67072c60) at pv_core.c:2238 2238 in pv_core.c (gdb) list 2233 in pv_core.c (gdb)
and pv_core.c:2238 is marked below.
-- juha
-------------------------------------------------------------------------
int pv_set_ruri_host(struct sip_msg* msg, pv_param_t *param, int op, pv_value_t *val) { struct action act; struct run_act_ctx h; char backup;
if(msg==NULL || param==NULL || val==NULL || (val->flags&PV_VAL_NULL)) { LM_ERR("bad parameters\n"); return -1; }
if(!(val->flags&PV_VAL_STR)) { LM_ERR("str value required to set R-URI hostname\n"); goto error; }
memset(&act, 0, sizeof(act)); act.val[0].type = STRING_ST; act.val[0].u.string = val->rs.s; backup = val->rs.s[val->rs.len]; val->rs.s[val->rs.len] = '\0'; ********** this act.type = SET_HOST_T; init_run_actions_ctx(&h); if (do_action(&h, &act, msg)<0) { LM_ERR("do action failed\n"); val->rs.s[val->rs.len] = backup; goto error; } val->rs.s[val->rs.len] = backup;
return 0; error: return -1; }
Thanks, I just pushed a patch, can you try it?
Cheers, Daniel
On 07.04.17 15:32, Juha Heinanen wrote:
Daniel-Constantin Mierla writes:
What OS do you have and which version of gdb? The list command should list the code around the line where the crash happens, but it doesn't do it for you.
this is debian jessie with GNU gdb (Debian 7.7.1+dfsg-5) 7.7.1.
Anyhow, you can extract the code around src/modules/pv/pv_core.c:2243 and send it here, to be sure it is the one you use at the time of crash.
i built new deb from latest master and re-run the crash. gdb tells:
2238 pv_core.c: No such file or directory. (gdb) wher #0 0x00007f35327933e0 in pv_set_ruri_host (msg=0x7f353f529dc0, param=0x7f353ebc8400, op=254, val=0x7fff67072c60) at pv_core.c:2238 #1 0x00000000005964dc in lval_pvar_assign (h=0x7fff67073410, msg=0x7f353f529dc0, lv=0x7f353ebc8380, rv=0x7f353ebc8a58) at core/lvalue.c:351 #2 0x0000000000596eed in lval_assign (h=0x7fff67073410, msg=0x7f353f529dc0, lv=0x7f353ebc8380, rve=0x7f353ebc8a50) at core/lvalue.c:399 ...
(gdb) frame 0 #0 0x00007f35327933e0 in pv_set_ruri_host (msg=0x7f353f529dc0, param=0x7f353ebc8400, op=254, val=0x7fff67072c60) at pv_core.c:2238 2238 in pv_core.c (gdb) list 2233 in pv_core.c (gdb)
and pv_core.c:2238 is marked below.
-- juha
int pv_set_ruri_host(struct sip_msg* msg, pv_param_t *param, int op, pv_value_t *val) { struct action act; struct run_act_ctx h; char backup;
if(msg==NULL || param==NULL || val==NULL || (val->flags&PV_VAL_NULL)) { LM_ERR("bad parameters\n"); return -1; }
if(!(val->flags&PV_VAL_STR)) { LM_ERR("str value required to set R-URI hostname\n"); goto error; }
memset(&act, 0, sizeof(act)); act.val[0].type = STRING_ST; act.val[0].u.string = val->rs.s; backup = val->rs.s[val->rs.len]; val->rs.s[val->rs.len] = '\0'; ********** this act.type = SET_HOST_T; init_run_actions_ctx(&h); if (do_action(&h, &act, msg)<0) { LM_ERR("do action failed\n"); val->rs.s[val->rs.len] = backup; goto error; } val->rs.s[val->rs.len] = backup;
return 0; error: return -1; }
Daniel-Constantin Mierla writes:
Thanks, I just pushed a patch, can you try it?
Unfortunately still the same crash with this placed as the first thing in main routing block:
$var(test_uri) = "tel:+358447058060"; xlog("L_INFO", "****** extracting domain from <$var(test_uri)>\n"); $rd = $(var(test_uri){uri.host}); xlog("L_INFO", "****** request uri is <$ru>\n");
-- Juha
It was the parser setting the value of host part to "", not the transformation, so the change had to be done in other file. Can you try again with latest master?
Cheers, Daniel
On 07.04.17 16:05, Juha Heinanen wrote:
Daniel-Constantin Mierla writes:
Thanks, I just pushed a patch, can you try it?
Unfortunately still the same crash with this placed as the first thing in main routing block:
$var(test_uri) = "tel:+358447058060"; xlog("L_INFO", "****** extracting domain from <$var(test_uri)>\n"); $rd = $(var(test_uri){uri.host}); xlog("L_INFO", "****** request uri is <$ru>\n");-- Juha
Daniel-Constantin Mierla writes:
It was the parser setting the value of host part to "", not the transformation, so the change had to be done in other file. Can you try again with latest master?
thanks for the fix. now the crash is gone. statements:
$var(test_uri) = "tel:+358447058060"; xlog("L_INFO", "****** extracting host from <$var(test_uri)>\n"); $var(host) = $(var(test_uri){uri.host}); xlog("L_INFO", "****** host is <$var(host)>\n"); $rd = $var(host); xlog("L_INFO", "****** request uri is <$ru>\n");
produce to syslog:
Apr 7 18:25:24 lohi /usr/bin/sip-proxy[25002]: INFO: ****** extracting host from tel:+358447058060 Apr 7 18:25:24 lohi /usr/bin/sip-proxy[25002]: INFO: ****** host is <> Apr 7 18:25:24 lohi /usr/bin/sip-proxy[25002]: ERROR: pv [pv_core.c:250]: pv_get_ruri(): failed to parse the R-URI Apr 7 18:25:24 lohi /usr/bin/sip-proxy[25002]: INFO: ****** request uri is <<null>>
this crash has existed at least from version 4.0 onwards.
-- juha
On 07.04.17 17:27, Juha Heinanen wrote:
Daniel-Constantin Mierla writes:
It was the parser setting the value of host part to "", not the transformation, so the change had to be done in other file. Can you try again with latest master?
thanks for the fix. now the crash is gone. statements:
$var(test_uri) = "tel:+358447058060"; xlog("L_INFO", "****** extracting host from <$var(test_uri)>\n"); $var(host) = $(var(test_uri){uri.host}); xlog("L_INFO", "****** host is <$var(host)>\n"); $rd = $var(host); xlog("L_INFO", "****** request uri is <$ru>\n");produce to syslog:
Apr 7 18:25:24 lohi /usr/bin/sip-proxy[25002]: INFO: ****** extracting host from tel:+358447058060 Apr 7 18:25:24 lohi /usr/bin/sip-proxy[25002]: INFO: ****** host is <> Apr 7 18:25:24 lohi /usr/bin/sip-proxy[25002]: ERROR: pv [pv_core.c:250]: pv_get_ruri(): failed to parse the R-URI Apr 7 18:25:24 lohi /usr/bin/sip-proxy[25002]: INFO: ****** request uri is <<null>>
this crash has existed at least from version 4.0 onwards.
Indeed, patches will be backported -- I see you did it for 5.0, thanks!
Daniel
-
Daniel-Constantin Mierla -
Juha Heinanen